Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KIohvd4waSE2dr6IFfN9Xcxnbvg.roa
File: KIohvd4waSE2dr6IFfN9Xcxnbvg.roa (raw, json)
Hash identifier: xV8+BHEUdzTaby7RzCaQP8BSW7mMvUwmHJ+OA6DJoBc=
Subject key identifier: 28:8A:21:BD:DE:30:69:21:36:76:BE:88:15:F3:7D:5D:CC:67:6E:F8
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018571E888860D186A421C2B103B9885B88A
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KIohvd4waSE2dr6IFfN9Xcxnbvg.roa
Signing time: Mon 02 Jan 2023 09:55:42 +0000
ROA not before: Mon 02 Jan 2023 09:55:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
45.13.188.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jan 2023 11:38:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:e8:88:86:0d:18:6a:42:1c:2b:10:3b:98:85:b8:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 2 09:55:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=288a21bdde3069213676be8815f37d5dcc676ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:85:bd:ff:b9:6c:02:c9:3c:5e:d5:da:cd:ee:
93:d6:fe:92:05:69:f0:55:b9:6b:0f:b9:46:38:2b:
f0:3b:81:1a:ff:83:b9:a7:c8:18:bc:f8:7e:6f:63:
59:be:1e:e8:90:63:91:01:70:ce:51:64:5a:cc:9c:
a4:c1:57:00:ad:c1:2a:a7:d7:fe:32:ac:9d:b7:a3:
9b:f1:63:64:3d:cc:6f:b3:34:08:ed:7b:41:cf:3b:
43:58:70:9d:1f:b7:e8:c9:82:5e:c4:ff:ed:3a:76:
04:65:53:fd:33:2e:1a:ba:89:47:e6:89:3f:cf:fc:
da:b9:eb:40:dc:0f:cd:8f:2a:38:3f:bc:08:f1:07:
c6:7a:4b:8e:83:c3:e0:9b:35:e0:3e:74:fa:94:86:
30:d8:fc:27:9b:b5:2e:ef:47:24:64:be:7f:1a:20:
52:33:4c:40:2c:e3:d9:bc:8b:06:54:a5:0f:15:55:
73:89:35:6f:d0:7a:95:bb:1b:f8:61:0b:ca:4c:26:
ff:ed:f0:ed:cb:b2:d9:ba:d8:64:ca:8f:9e:42:2f:
ab:d4:be:2a:fc:fd:16:41:b9:c1:fa:21:85:85:ec:
f0:23:ee:f4:d1:27:da:5c:70:f3:9c:14:de:7d:1c:
d5:9d:95:92:56:7b:4a:2d:bb:6a:f2:f0:c3:05:ea:
10:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8A:21:BD:DE:30:69:21:36:76:BE:88:15:F3:7D:5D:CC:67:6E:F8
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KIohvd4waSE2dr6IFfN9Xcxnbvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.188.0/24
77.83.38.0/24
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:f5:78:99:55:3d:6a:2d:7e:6e:73:cd:47:d5:f9:bc:df:39:
67:98:8c:f9:c5:a1:c5:24:ec:2c:a4:dd:13:94:d0:a4:ae:7e:
63:d9:e3:68:5a:49:0f:0d:3d:6b:09:ce:0b:cb:1d:8a:1a:11:
ae:73:28:be:31:9e:c8:7f:e8:11:9c:2b:9c:27:85:18:a1:d7:
86:a2:62:26:9e:1b:bb:30:11:23:ae:19:9e:77:8f:3d:72:c1:
e4:7f:0d:19:5b:9b:ed:d9:35:a0:9b:6b:2e:da:8f:a1:3b:a6:
56:cb:08:16:6f:27:d1:12:2f:c6:19:cf:64:e3:7b:64:e1:3f:
fd:dc:e6:9a:ae:10:73:53:f4:f8:9b:f6:b5:ea:8f:f3:8c:8d:
d0:47:dc:40:04:75:a8:84:87:fe:e9:02:e0:ba:8d:ff:8e:f3:
d1:85:7e:01:28:b2:a3:da:71:47:69:e4:a4:8a:e7:42:3d:16:
36:73:e3:a2:09:62:6c:34:8d:5e:13:7e:a0:b4:dd:24:89:16:
d1:44:fa:8a:c0:9b:be:99:54:05:a4:00:78:11:db:ba:d7:90:
4e:0d:22:e0:17:6d:fd:00:02:8a:aa:1f:a1:ac:0e:bf:1b:b2:
10:df:96:92:1f:75:8f:a9:88:5c:50:a7:f9:ac:34:c6:9a:23:
65:22:f5:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx6IiGDRhqQhwrEDuYhbiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMwMTAyMDk1NTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhhMjFiZGRlMzA2OTIxMzY3NmJlODgxNWYzN2Q1ZGNjNjc2ZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYW9/7lsAsk8XtXaze6T1v6SBWnw
VblrD7lGOCvwO4Ea/4O5p8gYvPh+b2NZvh7okGORAXDOUWRazJykwVcArcEqp9f+
Mqydt6Ob8WNkPcxvszQI7XtBzztDWHCdH7foyYJexP/tOnYEZVP9My4auolH5ok/
z/zauetA3A/Njyo4P7wI8QfGekuOg8PgmzXgPnT6lIYw2Pwnm7Uu70ckZL5/GiBS
M0xALOPZvIsGVKUPFVVziTVv0HqVuxv4YQvKTCb/7fDty7LZuthkyo+eQi+r1L4q
/P0WQbnB+iGFhezwI+700SfaXHDznBTefRzVnZWSVntKLbtq8vDDBeoQtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCiKIb3eMGkhNna+iBXzfV3MZ274MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvS0lvaHZkNHdhU0UyZHI2SUZmTjlYY3huYnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ28AwQA
TVMmAwQBVdF4MA0GCSqGSIb3DQEBCwUAA4IBAQCt9XiZVT1qLX5uc81H1fm83zln
mIz5xaHFJOwspN0TlNCkrn5j2eNoWkkPDT1rCc4Lyx2KGhGucyi+MZ7If+gRnCuc
J4UYodeGomImnhu7MBEjrhmed489csHkfw0ZW5vt2TWgm2su2o+hO6ZWywgWbyfR
Ei/GGc9k43tk4T/93OaarhBzU/T4m/a16o/zjI3QR9xABHWohIf+6QLguo3/jvPR
hX4BKLKj2nFHaeSkiudCPRY2c+OiCWJsNI1eE36gtN0kiRbRRPqKwJu+mVQFpAB4
Edu615BODSLgF239AAKKqh+hrA6/G7IQ35aSH3WPqYhcUKf5rDTGmiNlIvWB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org